package www.houdoudou.com.parent;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

import www.houdoudou.com.common.CommonFunction;
import net.sf.json.JSONObject;

public class ParentManager  {
	
	  
	
	JSONObject  managerManage(String jsonData){
		JSONObject result = new JSONObject();
		JSONObject jsonfrom= JSONObject.fromObject(jsonData);		
		JSONObject jsoncheck=loginCheck(jsonData);
		boolean isMotherLogin= jsoncheck.getBoolean("ActionStatus");
		// 判断 查询人的身份
		if(isMotherLogin){
		//判断请求的功能
		int FunctionCode=jsonfrom.getInt("FunctionCode");
		   PreparedStatement pstm=null; 
		   Statement  stm=null;
		   ResultSet rs=null; 		 
		   Connection conn= CommonFunction. getConnection();
		switch(FunctionCode){
		// 查询 下一及队员
		case 1:{
			
				// step1获取母身份的权限。 1为总经理 2为软件总监 ，3为分区经理
				int Manager_Authority= jsonfrom.getInt("Manager_Authority");
				// step2 查询字管理员
				  
				   String SubManager_Telnum=jsonfrom.getString("SubManager_Telnum");
				   try {
					   String sql = "select * from Tb_Parent_Manager where Manager_Telnum="+SubManager_Telnum+"";  
						stm=conn.createStatement(ResultSet.TYPE_FORWARD_ONLY,ResultSet.CONCUR_READ_ONLY);
						rs= stm.executeQuery(sql);
						if(rs.next()){
							
							
							String SubManager_Auhority=rs.getString("Manager_Authority"); 
							CharSequence isAhouritied=SubManager_Auhority.subSequence(Manager_Authority, Manager_Authority+1);
							if(isAhouritied.charAt(0)=='1'){
								result.put("ActionStatus", true);
								result.put("ErrorInfo", "查询成功");
								result.put("SubManager_isAuthority", rs.getString("Manager_isAuthority"));
								
							}else{
								result.put("ActionStatus", false);
								result.put("ErrorInfo", "你没有权限对该用户操作");
							}
							
							
						}else{
							result.put("ActionStatus", false);
							result.put("ErrorInfo", "要查询的用户不存在");
						}
						
					} catch (SQLException e) {
						// TODO Auto-generated catch block
						e.printStackTrace();
						result.put("ActionStatus", false);
						result.put("ErrorInfo", "数据库查询异常");
					}    			
				   break;     } //case 1
		//修改授权
		case 2:{
			// step1获取母身份的权限。 1为总经理 2为软件总监 ，3为分区经理
			int Manager_Authority= jsonfrom.getInt("Manager_Authority");
			// step2 数据库输入。
			 String SubManager_Telnum=jsonfrom.getString("SubManager_Telnum");
					
			String sql =  "select * from Tb_Parent_Manager where Manager_Telnum="+SubManager_Telnum+"";
			try {
				
					stm=conn.createStatement(ResultSet.TYPE_FORWARD_ONLY,ResultSet.CONCUR_UPDATABLE);
					rs= stm.executeQuery(sql);
					if(rs.next()){
						
						
						String SubManager_Auhority=rs.getString("Manager_Authority"); 
						CharSequence isAhouritied=SubManager_Auhority.subSequence(Manager_Authority, Manager_Authority+1);
						if(isAhouritied.charAt(0)=='1'){
							
							rs.updateString("Manager_isAuthority", jsonfrom.getString("SubManager_isAuthority"));
							rs.updateRow();
							result.put("ActionStatus", true);
							result.put("ErrorInfo", "更新成功");
							
							
						}else{
							result.put("ActionStatus", false);
							result.put("ErrorInfo", "你没有权限对该用户操作");
						}
						
						
					}else{
						result.put("ActionStatus", false);
						result.put("ErrorInfo", "要修改的用户不存在");
					}
			} catch (SQLException e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
				result.put("ActionStatus", false);
				result.put("ErrorInfo", "数据库查询异常");
			}
			
			 break;    } //case2
		// 删除下一及队员
				case 3:{
					
						// step1获取母身份的权限。 1为总经理 2为软件总监 ，3为分区经理
						int Manager_Authority= jsonfrom.getInt("Manager_Authority");
						// step2 查询字管理员
						  
						   String SubManager_Telnum=jsonfrom.getString("SubManager_Telnum");
						   try {
							   String sql = "select * from Tb_Parent_Manager where Manager_Telnum="+SubManager_Telnum+"";  
								stm=conn.createStatement(ResultSet.TYPE_FORWARD_ONLY,ResultSet.CONCUR_READ_ONLY);
								rs= stm.executeQuery(sql);
								if(rs.next()){
									
									
									String SubManager_Auhority=rs.getString("Manager_Authority"); 
									CharSequence isAhouritied=SubManager_Auhority.subSequence(Manager_Authority, Manager_Authority+1);
									if(isAhouritied.charAt(0)=='1'){
										
										try{
										
										sql="delete from Tb_Parent_Manager where Manager_Telnum="+SubManager_Telnum+"";   			   
							             stm=conn.createStatement(ResultSet.TYPE_FORWARD_ONLY,ResultSet.CONCUR_UPDATABLE);  							           
							            		 stm.executeUpdate(sql);  	
							     				
													result.put("ActionStatus", true);
													result.put("ErrorInfo", "删除成功");
										} catch (SQLException e) {
											// TODO Auto-generated catch block
											e.printStackTrace();
											result.put("ActionStatus", false);
											result.put("ErrorInfo", "数据库删除操作失败");
										} 
										
									}else{
										result.put("ActionStatus", false);
										result.put("ErrorInfo", "你没有权限对该用户操作");
									}
									
									
								}else{
									result.put("ActionStatus", false);
									result.put("ErrorInfo", "要删除的用户不存在");
								}
								
							} catch (SQLException e) {
								// TODO Auto-generated catch block
								e.printStackTrace();
								result.put("ActionStatus", false);
								result.put("ErrorInfo", "数据库查询操作失败");
							}    			
						   break;     } //case 3
		// 添加管理员
		case 4:{
			// step1获取母身份的权限。 1为总经理 2为软件总监 ，3为分区经理
			int Manager_Authority= jsonfrom.getInt("Manager_Authority");
			// step2 检查是否已经存在
			 String SubManager_Telnum=jsonfrom.getString("SubManager_Telnum");
			   try {
				   String sql = "select * from Tb_Parent_Manager where Manager_Telnum="+SubManager_Telnum+"";  
					stm=conn.createStatement(ResultSet.TYPE_FORWARD_ONLY,ResultSet.CONCUR_READ_ONLY);
					rs= stm.executeQuery(sql);
				if(!rs.next()){	
			// step3 数据库输入。
			 
			 String SubManager_Secret=jsonfrom.getString("SubManager_Secret");
			 String SubManager_Authority="";
			 switch(Manager_Authority){
			 case 1: { SubManager_Authority="010"; break;}
			 case 2: { SubManager_Authority="001"; break;}
			 }
			sql = "insert  into Tb_Parent_Manager (Manager_Telnum,Manager_Secret,Manager_Authority,Manager_isAuthority) values (?,?,?,?)";;
			
				pstm=conn.prepareStatement(sql);
				pstm.setString(1, SubManager_Telnum);
				pstm.setString(2, SubManager_Secret);
				pstm.setString(3, SubManager_Authority);
				pstm.setString(4,jsonfrom.getString("SubManager_isAuthority"));
			    pstm.executeUpdate();
			    result.put("ActionStatus", true);
				result.put("ErrorInfo", "增加成功");
				}else{
					result.put("ActionStatus", false);
					result.put("ErrorInfo", "用户已经存在");
				}
			} catch (SQLException e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
				result.put("ActionStatus", false);
				result.put("ErrorInfo", "数据库异常");
			}
			
			
			   
			   break;    } //case4
		
		
		//修改自己的密码
		  case 5:{
			  try {
				  String Manager_Telnum=jsonfrom.getString("Manager_Telnum");
				   String Manager_New_Secret=jsonfrom.getString("Manager_New_Secret");			 
				   String sql = "select * from Tb_Parent_Manager where Manager_Telnum="+Manager_Telnum+"";  
					stm=conn.createStatement(ResultSet.TYPE_FORWARD_ONLY,ResultSet.CONCUR_UPDATABLE);
					rs= stm.executeQuery(sql);
					if(rs.next()){
						rs.updateString("Manager_Secret", Manager_New_Secret);
						rs.updateRow();
						result.put("ActionStatus", true);
						result.put("ErrorInfo", "密码更改成功");
					}
			  }catch (SQLException e) {
					// TODO Auto-generated catch block
					e.printStackTrace();
					result.put("ActionStatus", false);
					result.put("ErrorInfo", "密码更改失败");
				} 
					
					
				 break;  } //case5
		
		} //switch
		
               closeConn(conn, pstm, stm, rs);
		
		}else{
			
			result.put("ActionStatus", false);
			result.put("ErrorInfo", "登陆存储不正确");
		}
		
		return result;
	}
	
    
	public static JSONObject  loginCheck(String jsonData){
		 // step1 所有数据定义
		   JSONObject result= new JSONObject();
	
		   PreparedStatement pstm=null; 
		   Statement  stm=null;
		   ResultSet rs=null; 		 
		   Connection conn= CommonFunction. getConnection();
		 // step2 数据解析 	  
		   JSONObject json= JSONObject.fromObject(jsonData);
		   String Manager_Telnum=json.getString("Manager_Telnum");
		   String Manager_Secret=json.getString("Manager_Secret");
		   int Manager_Authority= json.getInt("Manager_Authority");
		   try {
		   String sql = "select * from Tb_Parent_Manager where Manager_Telnum="+Manager_Telnum+"";  
			stm=conn.createStatement(ResultSet.TYPE_FORWARD_ONLY,ResultSet.CONCUR_READ_ONLY);
			rs= stm.executeQuery(sql);
			if(rs.next()){
				String correctSecret= rs.getString("Manager_Secret");
				if(correctSecret.equals(Manager_Secret)){
				String Ahourity=rs.getString("Manager_Authority"); 
				CharSequence isAhouritied=Ahourity.subSequence(Manager_Authority-1, Manager_Authority);
				if(isAhouritied.charAt(0)=='1'){
					String isManager_Authority= rs.getString("Manager_isAuthority");
					if(isManager_Authority.equals("1")){
					result.put("ActionStatus", true);
					result.put("ErrorInfo", "登陆成功");
					}else{
						result.put("ActionStatus", false);
						result.put("ErrorInfo", "该用户没有被授权");
					}
					
				}else{
					result.put("ActionStatus", false);
					result.put("ErrorInfo", "角色不对");
				}
				}else{
					result.put("ActionStatus", false);
					result.put("ErrorInfo", "密码不正确");
				}
			}else{
				result.put("ActionStatus", false);
				result.put("ErrorInfo", "不存在该用户");
			}
			
		} catch (SQLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		} 
		   
		   closeConn(conn, pstm, stm, rs);
		   return result;
	 }
	
	 private static void closeConn(Connection conn,PreparedStatement pstm,Statement stm, ResultSet rs){
		 
		 
			try {
				 if(conn!=null) conn.close();
				 if(pstm!=null) pstm.close();
				 if(stm!=null) stm.close();
				 if(rs!=null) rs.close();
			} catch (SQLException e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
			}
		 
	 }
	
}
